<?php


if (!defined('EXPONENT')) exit('');

$link = null;
if (isset($_POST['id'])) {
	$link = $db->selectObject('cauthay_item','id='.$_POST['id']);
	if ($link) {
		$loc = unserialize($link->location_data);
	}
}

if (($link && exponent_permissions_check('edit',$loc)) || (!$link && exponent_permissions_check('create',$loc))) {
	$link = cauthay_item::update($_POST,$link);
	$link->location_data = serialize($loc);
	
	/*
	 * Immanuel192 - ABSoft
	 * Upload Image
	 */ 
	if ($_FILES['image_id']['name'] != '') {
		$directory = 'files/cauthaymodule/'.$loc->src;
		$file = file::update("image_id",$directory,null,time()."_".$_FILES['image_id']['name']);
		//$file = file::update('file',$directory,null);
		if (is_object($file)) {
			if (isset($link->id)) {
				// We have a link already.  Delete the old one
				$oldfile = $db->selectObject('file','id='.$link->image_id);
				file::delete($oldfile);
			}
			$link->image_id = $db->insertObject($file,'file');
		} else {
		// If file::update() returns a non-object, it should be a string.  That string is the error message.
			$post = $_POST;
			$post['_formError'] = $file;
			exponent_sessions_set('last_POST',$post);
			header('Location: ' . $_SERVER['HTTP_REFERER']);
			exit();
		}
		// here, we update picpath
		
		$link->picpath=$directory . "/" . $file->filename;
	}
	// end of image upload
	
	if (isset($link->id)) {
		$db->updateObject($link,'cauthay_item');
	} else {
		$db->insertObject($link,'cauthay_item');
	}
	exponent_flow_redirect();
} else {
	echo SITE_404_HTML;
}

?>
